i have to identify all the laptops in our organization.
single OU named "computers". all the computers are named by the name of the user using it. no information about the computer type.
in order to deploy a soft on laptops only, i have to "isolate" them.
i ran the following script.
$ErrorActionPreference = "silentlyContinue"
$coms=Get-ADComputer -Filter * -SearchBase "CN=Computers,DC=domain,DC=com" |select -exp name
Foreach($com in $coms)
{
Get-WmiObject win32_computersystem -comp $com | Select-Object PCSystemType,Name,Manufacturer,Model | format-table
}
it works pretty good. but not so easy to sort.
i wanted to make it better, and ran the following:
$ErrorActionPreference = "silentlyContinue"
$coms=Get-ADComputer -Filter * -SearchBase "CN=Computers,DC=domain,DC=com" |select -exp name
Foreach($com in $coms)
{
Get-WmiObject win32_computersystem -comp $com| Select-Object PCSystemType,Name,Manufacturer,Model | format-table
if ($com.PCSystemType -eq '2'){Write-host "$com is a laptop"}
else {Write-host "$com is a desktop"}
}
i now have this result:
COMP1 is a desktop
COMP2 is a desktop
COMP3 is a desktop
COMP4 is a desktop
LAPTOP1 is a desktop
LAPTOP2 is a desktop
LAPTOP3 is a desktop
Both laptops and desktops are desktops according my script.
what i did wrong?
any tip would help! thanks
The purpose of the Format-* cmdlets is to create pretty output to the console; to be human-readable. It does this by creating different objects from what you pass in to accomplish an ends. As a result, you have unusable objects and are essentially accessing $null.
Removing | Format-Table will fix your problem.
You need to store the value of your WMI query in a variable before evaluating it in your if loop.
Slightly modified version:
$coms = #("localhost")
Foreach($com in $coms) {
$wmi = Get-WmiObject win32_computersystem -comp $com
switch ($wmi.PCSystemType) {
'0' { "$com is a Unspecified " }
'1' { "$com is a Desktop " }
'2' { "$com is a Mobile " }
'3' { "$com is a Workstation " }
'4' { "$com is a Enterprise Server" }
'5' { "$com is a SOHO Server" }
'6' { "$com is a Appliance PC" }
'7' { "$com is a Performance Server" }
'8' { "$com is a Maximum" }
Default { "Unable to get correct value for $com" }
}
}
Related
I am writing a script to query what edition of Windows machines are on. So far I have the following code:
$ASSETNUM = Read-Host "Please enter a valid asset tag"
Get-WmiObject Win32_OperatingSystem -ComputerName $ASSETNUM | select PSComputerName, Caption, OSArchitecture, Version, BuildNumber | FL
if (Caption = "Microsoft Windows 10 Enterprise"){
Write-Host "This works"
} else {
Write-Host "This did not work"
}
The first part before the if statement works as intended. However, I wish to query the "Caption" to be able to run a further function afterwards. However, I'm at a loss on how to query this. The Write-Host parts are just for testing until I get this working.
Remove | FL because that is only to display stuff onto the screen.
Instead, capture the output in a variable and use that
$os = Get-WmiObject Win32_OperatingSystem -ComputerName $ASSETNUM | Select-Object PSComputerName, Caption, OSArchitecture, Version, BuildNumber
Next, use the $os variable to get the property you need, in this case you want
if ($os.Caption -eq "Microsoft Windows 10 Enterprise"){
Write-Host "This works"
}
else {
Write-Host "This did not work"
}
P.S. The = is an assignment, in case you want to compare something inside an if(), you need to use PowerShell's comparison operator -eq
I'm trying to downgrade TPM on several HP laptops. I'm attempting to create a powershell script that will grab the TPM Manufacturer Version number, and check that number against a list of possible numbers. Once it matches one of those number execute the program to downgrade the TPM version.
I started with throwing the output into a variable, and attempting to check the variable against a static number to start the correct program. The variable is stored, but when I try to check it against "7.61" it doesn't seem to be actually checking the result. The result of 7.61 is not returning "Success"
I realize powershell is different, and my IF ELSE statements are probably just outdated. Any help would be very appreciated!
Assume TPM ManufacturerVersion is 7.61
$variable = get-WmiObject -Namespace root\cimv2\security\microsofttpm -Class Win32_Tpm | Select-Object ManufacturerVersion | Out-String
if($variable -eq "8"){
Write-Host "success"
}else{
Write-Host "Fail"
}
enter image description here
You are comparing strings, rather than 'versions'. If you are only checking for simple equality, then using a direct string comparison will do:
PS C:\> "10.5" -eq "10.5"
True
However, if you want to determine, say, if one version is greater than another, strings won't work. For example:
PS C:\> "100.5" -gt "55.3"
False
In that case, you should cast the version strings to actual Version types, then the comparison will work properly. For example:
$tmp = Get-WmiObject -Namespace "root\cimv2\security\microsofttpm" -Class Win32_TPM
if ([Version]$tmp.ManufacturerVersion -eq [Version]"8.0")
{
"Success"
}
else
{
"Fail"
}
Also, if you need to compare the TPM version against multiple possibilities, then a switch statement makes for neater code:
$tmp = Get-WmiObject -Namespace root\cimv2\security\microsofttpm -Class Win32_TPM
Set-Location "C:\Users\ADministrator\Desktop\TPM Downgrade"
switch([Version]$tmp.ManufacturerVersion)
{
{$_ -eq [Version]"7.62"} { '.\7.62 downgrade.cmd'}
{$_ -eq [Version]"7.61"} { '.\7.61 downgrade.cmd'}
{$_ -eq [Version]"7.60"} { '.\7.60 downgrade.cmd'}
{$_ -eq [Version]"7.41"} { '.\7.41 downgrade.cmd'}
{$_ -eq [Version]"7.40"} { '.\7.40 downgrade.cmd'}
default {"Unable to find downgrade BIN for your firmware version"}
}
Try this one
$variable = get-WmiObject -Namespace root\cimv2\security\microsofttpm -Class Win32_Tpm | Select-Object ManufacturerVersion
if($variable.ManufacturerVersion -eq "8"){
Write-Host "success"
}else{
Write-Host "Fail"
}
Thank you all for your feedback and help. This is the final product and its working great.
$tmp = get-WmiObject -Namespace root\cimv2\security\microsofttpm -Class Win32_TPM
Set-Location "C:\Users\ADministrator\Desktop\TPM Downgrade"
if ([Version]$tmp.ManufacturerVersion -eq [Version]"7.62"){
& '.\7.62 downgrade.cmd'
}elseif ([Version]$tmp.ManufacturerVersion -eq [Version]"7.61"){
& '.\7.61 downgrade.cmd'
}elseif ([Version]$tmp.ManufacturerVersion -eq [Version]"7.60"){
& '.\7.60 downgrade.cmd'
}elseif ([Version]$tmp.ManufacturerVersion -eq [Version]"7.41"){
& '.\7.41 downgrade.cmd'
}elseif ([Version]$tmp.ManufacturerVersion -eq [Version]"7.40"){
& '.\7.40 downgrade.cmd'
}else{
Write-Host "Unable to find downgrade BIN for your firmware version"
}
Basically as per screen-shot there are multiple worker processes are running on machine in IIS but we need w3wp which is running under Sitecore User Username.
We tried below PS script but getting blank value in User Name column
$processlist = get-process | where {$_.cpu -gt 5 -and $_.Name -eq 'w3wp'} |select Name, #{l="User name";e={$_.getowner().user}} | ft -AutoSize
foreach($proc in $processlist){
if($proc -eq "Sitecore User" ){
C:\Users\Administrator\Documents\someexe.exe $proc.Id "C:\Users\Administrator\Documents\output.dmp"
}
}
and finally we need to perform some action on process Id.
I suggest the following PoSh-Script that should give you all the necessary info and more:
# Ensure to import the WebAdministration module
Import-Module WebAdministration
# Declare the variables
$server = "localhost"
$search = "*"
$wmiQuery=[wmisearcher]"SELECT * FROM __Namespace where NAME like 'WebAdministration' or NAME like 'MicrosoftIISv2'"
$wmiQuery.Scope.Path = "\\" + $server + "\root"
$WebNamespace = $wmiQuery.Get()
# Checking if the the server has IIS installed
if($WebNamespace -like '*WebAdministration*')
{
"IIS found on $server"
$WPlist=Get-WmiObject -NameSpace 'root\WebAdministration' -class 'WorkerProcess' -ComputerName 'LocalHost'
# Loop through the list of active IIS Worker Processes w3wp.exe and fetch the PID, AppPool Name and the startTime
forEach ($WP in $WPlist)
{
if ($WP.apppoolname -like$search)
{
write-host "Found:""PID:"$WP.processid "AppPool_Name:"$WP.apppoolname
(get-process -ID $WP.processid|select starttime)
}
}
}
Else
{
write-host"WARNING: IIS not detected."
}
Ref: https://blogs.msdn.microsoft.com/webtopics/2015/11/28/query-the-active-worker-process-information-in-iis-7-x-using-powershell/
Like many others, my background is in Linux with no powershell experience. So this object oriented programming is messing me up.
I need to search through VMware Horizon for VMs with users assigned to them, then check if they are disabled in AD. If they are disabled in AD I want to recycle the VM.
At the moment I am pulling the SIDs for the users from VMware Horizon, but when I try to use these in an invoke-command against AD I receive the following error
"Object reference not set to an instance of an object"
The Script so far
function getlist() {
$temp=Invoke-Command -ComputerName $vdiserver -ScriptBlock { add-pssnapin vmware.view.broker; get-desktopvm | select user_sid }
$list=$temp | Select-Object user_sid
#$list
}
$vdi1="server1"
$vdi2="server2"
$test=Test-Connection -ComputerName $vdi1 -Quiet
$test2=Test-Connection -ComputerName $vdi2 -Quiet
if ($test -eq "True"){
$vdiserver=$vdi1
getlist
}
elseif ($test2 -eq "True"){
$vdiserver=$vdi2
getlist
}
else {echo "No servers to connect to"}
ForEach ($user in $list) #{
#echo $user
#sleep 1
#}
{Invoke-Command -ComputerName domaincontroller -ScriptBlock {param($p1) get-aduser -identity $p1 } -argumentlist $user}
So this object oriented programming is messing me up.
So you're trying to revert to shell script, and writing twice as much code to do achieve half as much work.
The most important bit you're missing is to imagine an object as a collection of things - like, imagine you're working with /etc/passwd and each line has a user ID and a group ID and a home directory and a login shell.. and you're passing the entire line around at once, that's your analogous object.
An object has many properties, just like that (but overall more capable).
When you Select user_sid you're choosing that field to stay in the 'line', but the line is still something like :::user_sid:::: with the other fields now empty. (Approximately). But they're still there and in the way. To work with it directly, you have to get it out of the 'line' entirely - throw the container away and just have the user_sid outside of it.
get-desktopvm | select user_sid
->
get-desktopvm | select -expandproperty user_sid
which makes "sid1", "sid2", "sid3", but no containers for each sid.
This
function getlist() {
$temp=Invoke-Command -ComputerName $vdiserver -ScriptBlock { add-pssnapin vmware.view.broker; get-desktopvm | select user_sid }
$list=$temp | Select-Object user_sid
}
is essentially saying
function getlist() {
#do any amount of work here, and throw it all away.
}
Because the function returns nothing, and it doesn't change any data on disk or anything, so when the function finishes, the variables are cleared out of memory, and you can't use them afterwards.
This:
if ($test -eq "True"){
is a bit of a nonsense. It might work, but it's not working how you expect because it's happenstance that "a string with content" compared to a boolean True is True, regardless of the string containing the English word "True" or not. But it's also redundant - $test is itself true or false, you don't need to compare True with anything. if ($test). Or even if (Test-Connection -ComputerName $vdi -Quiet)
But stillll, so much work. Just connect to them all, and let it fail for the ones it can't contact. Maybe add -ErrorAction SilentlyContinue if you don't want to see the error.
$VMs = Invoke-Command -ComputerName Server1,Server2 -ScriptBlock {
Add-PsSnapin vmware.view.broker
Get-DesktopVm
}
Now you have all the VMs, get the user enabled/disabled state
foreach ($VM in $VMs) {
$Sid = $VM.user_sid
$AdEnabled = Invoke-Command -ComputerName domaincontroller -ScriptBlock {
(Get-AdUser -Identity $using:Sid).Enabled
}
$VM| Add-Member -NotePropertyName 'AdEnabled' -NotePropertyValue $AdEnabled
}
Now you should ideally have $VM as an array of objects, each one having all the VM Desktop properties - and also the True/False state of the AD Enabled property for that user account.
$VM | Out-Gridview
or
$VM | Export-Csv Report.csv
or
$VM | Where-Object { -not $_.AdEnabled }
I'm trying to get the username of domain users in a PowerShell logon script. Any number of different users may log into the computers in question.
A local user account (let's call it 'syscheck') is configured on Win7/Win8 domain clients for the purpose of running a PS script (PS 2.0/3.0); the script resides locally and is launched by Task Scheduler on user logon. The script needs to obtain the username of the domain user that is logging in.
I've attempted to do this with WMI:
Get-WmiObject Win32_ComputerSystem | Select-Object -ExpandProperty UserName
but this does not return anything when the script runs.
If I try this:
$env:USERNAME
The username of the 'syscheck' local account is returned.
Is the domain username not yet available when the script is running on logon?
Perhaps there a way to do this with .NET? Other options?
***** UPDATE August 8 *****
I've tested with the solution provided (thanks Alexander!) but still can NOT retrieve the username of the logged-in user. I believe this is because, as mentioned above, this is a logon script launched by Task Scheduler. The principal for the Task that launches the script is a local account. For some reason, all methods of trying to get the domain username fail.
Here is latest attempt:
First, this is how I call the function:
$indx = 0
do {
$username = GetDomUser
if (($indx -eq 25) -or ($username.Length -ne 0)) {
Write-Output $username
Break
}
else {
Start-Sleep -Seconds 12
}
$indx++
}
while ($indx -lt 25) # 5 minutes is PLENTY of time for boot...
Now, here's the function:
Function GetDomUser {
$compname = $($env:COMPUTERNAME)
$pattern = '"MYDOMAIN",Name='
$antecedent = #(Get-WmiObject -Class Win32_LoggedOnUser -ComputerName $compname |
Where-Object { $_.Antecedent -match $pattern } | Select-Object -ExpandProperty Antecedent)
Return ([regex]::Match([string]$antecedent[0],"$pattern(.*$)").Value).Split('=')[1] -replace '"', ""
}
Of course, this works perfectly from the console once the machine has booted.
Is it possible to refresh whatever store the Win32_LoggedOnUser Class gets its data from?
Other options?
Here are previous methods I've tried - all return the username of the principal of the Task that launches the script (or an empty string, which is what D returns).
$usernameA = $([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)
$usernameB = $(whoami)
$usernameC = $($env:USERNAME)
$usernameD = $(Get-WmiObject Win32_ComputerSystem -ComputerName $compname | Select-Object -ExpandProperty UserName)
$usernameE = $([Environment]::UserName)
Here's what you could do to find out what's going on:
$iLOGON32_LOGON_INTERACTIVE = 2
$cLogonSessions = Get-WmiObject -Class "Win32_LogonSession" `
| Where-Object { $_.LogonType -eq $iLOGON32_LOGON_INTERACTIVE }
if ($cLogonSessions -ne $null) {
$cInteractiveLogons = #()
foreach ($oLogonSession in $cLogonSessions) {
$sWmiQuery = ('ASSOCIATORS OF {{Win32_LogonSession.LogonId="{0}"}} ' `
+ 'WHERE AssocClass=Win32_LoggedOnUser') -f $oLogonSession.LogonId
$cInteractiveLogons += Get-WMIObject -Query $sWmiQuery `
| Select-Object -ExpandProperty "Caption"
}
} else {
$ex = New-Object -TypeName System.NullReferenceException(`
'$cInteractiveLogons is null.')
throw $ex
}
$cInteractiveLogons | Select-Object -Unique
When $cInterativeLogons is null exception is thrown, it means that no-one is logged on interactively (yet) in which case you can wait and re-check later.
Note that this code is not reliable because LOGON32_LOGON_INTERACTIVE wasn't limited to local console logons in XP and earlier versions.
As for actual solution, I'd recommend using some kind of explicit notifications. You could for example make use of events. Subscribe for an event and then emit the event from the user's regular logon script.
The problem was not with the WMI code but rather the state of the machine it was being run on. It turns out that when users are VPNed into their machines (almost always thanks to a VPN client's automated reconnect feature), or have some third-party utility installed (e.g. certain cloud backup services), there are multiple Logons and "the" logged on user is ambiguous.
For now this is working pretty well:
Function GetDomainUser {
$compname = $($env:COMPUTERNAME)
$pattern = '"' + $($env:USERDOMAIN) + '"' + ',Name='
$antecedent = #(Get-WmiObject -Class Win32_LoggedOnUser -ComputerName $compname |
Where-Object { $_.Antecedent -match $pattern } |
Select-Object -ExpandProperty Antecedent | Select-Object -Unique)
Return $(([regex]::Match([string]$antecedent,$($pattern + '(".+")')).Value).Split('=')[1] -replace '"','')
}
But I had to write addition code to work around cases when the LoggedOnUser cannot be discovered (multiple logons exist), or when no one is logged in.